Malicious Malware and injection of code

Hi all,

I seem to be having a real battle with code being injected into my opencart store and as a result my hosting company keep shutting my website down.

Is anyone else experiencing similar constant issues?

I have recently upgraded from 1.5x to 2.2 and still seem to be having issues.

Does anyone know if the hosting company should be doing more to help manage this?

You can ask your Hosting Company to install "ModSecurity" (or equivalent) to protect your site and their servers. It will never be 100% bullet-proof but it does help massively in stopping unwanted connections, like Sql injection attempts and spambots.

Alternatively you may want to change Host. I recommend VidaHost (UK) myself but they are not the only good one, of course.

Also ensure your hosting plans involves the use of Anti-Virus protection within your domain. It would neither be the most proof solution as there isn't quite any but should help you greatly to maintain a good quality reference for other domains.

A lot depends on your hosting environment:

Is it shared, is it vps or dedicated?

There's a difference between your actual site being hacked and the server itself being hacked. Keeping your own site(s) safe are generally your responsibility unless you have some sort of managed agreement for them to provide these types of services.

Are you only hosting one site or are you running additional sites that use other software such as Wordpress or Joomla, etc? If you're running other software for other sites, it's very likely that they are the culprit and they may still be infected.

Are your passwords strong?

Are you using encryption anywhere? ie. ftp, on your site, etc

When you upgraded to 2.x, are you sure there weren't any 'holes' or old malicious code transferred over?

There are a lot of variables. If you can answer any of the above, that will help a lot.